[Task 69349] changed communityAdmin check and added tests

Raf Ponsaerts
2020-03-10 14:26:35 +01:00
parent 02cb339bb8
commit 8f78381ae9
3 changed files with 73 additions and 7 deletions


@@ -25,6 +25,7 @@ import org.dspace.authorize.AuthorizeException;
import org.dspace.authorize.service.AuthorizeService;
import org.dspace.content.Community;
import org.dspace.content.service.CommunityService;
import org.dspace.core.Constants;
import org.dspace.core.Context;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.data.rest.webmvc.ControllerUtils;
@@ -69,7 +70,8 @@ public class CommunityAdminGroupRestController {
if (community == null) {
throw new ResourceNotFoundException("No such community: " + uuid);
}
if (!authorizeService.isAdmin(context) && !authorizeService.isCommunityAdmin(context)) {
if (!authorizeService.isAdmin(context) && !authorizeService.authorizeActionBoolean(context, community,
Constants.ADMIN, true)) {
throw new AccessDeniedException("The current user was not allowed to retrieve the AdminGroup for" +
" community: " + uuid);
}
@@ -95,7 +97,8 @@ public class CommunityAdminGroupRestController {
throw new ResourceNotFoundException("No such community: " + uuid);
}
if (!authorizeService.isAdmin(context) && !authorizeService.isCommunityAdmin(context)) {
if (!authorizeService.isAdmin(context) && !authorizeService.authorizeActionBoolean(context, community,
Constants.ADMIN, true)) {
throw new AccessDeniedException("The current user was not allowed to retrieve the AdminGroup for" +
" community: " + uuid);
}
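Review bot: The condition `!authorizeService.isAdmin(context) && !authorizeService.authorizeActionBoolean(context, community, Constants.ADMIN, true)` is now repeated verbatim in both handlers of this controller (the hunks at new lines 70 and 97) and again in CommunityAdminGroupLinkRepository, so a later change to the rule can easily miss one copy. A single private helper, for example `private boolean mayAdminister(Context context, Community community)`, would keep the access decision in one place. It should carry a short comment saying that the final `true` argument lets ADMIN rights inherited from a parent object count. The denial message in the second handler still reads "retrieve the AdminGroup"; if that handler changes the group (its signature is outside the hunk), the text will mislead anyone reading denials in a log. Both method bodies start and end outside the hunks.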


@@ -21,7 +21,6 @@ import org.dspace.content.service.CommunityService;
import org.dspace.core.Constants;
import org.dspace.core.Context;
import org.dspace.eperson.Group;
import org.dspace.eperson.service.GroupService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.data.domain.Pageable;
import org.springframework.data.rest.webmvc.ResourceNotFoundException;
@@ -38,9 +37,6 @@ public class CommunityAdminGroupLinkRepository extends AbstractDSpaceRestReposit
@Autowired
private AuthorizeService authorizeService;
@Autowired
private GroupService groupService;
@PreAuthorize("hasPermission(#communityId, 'COMMUNITY', 'READ')")
public GroupRest getAdminGroup(@Nullable HttpServletRequest request,
UUID communityId,
@@ -55,7 +51,8 @@ public class CommunityAdminGroupLinkRepository extends AbstractDSpaceRestReposit
Group administrators = community.getAdministrators();
if (!authorizeService.isAdmin(context) && !authorizeService.isCommunityAdmin(context)) {
if (!authorizeService.isAdmin(context) && !authorizeService.authorizeActionBoolean(context, community,
Constants.ADMIN, true)) {
throw new AccessDeniedException("The current user was not allowed to retrieve the AdminGroup for" +
" community: " + communityId);
}
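Review bot: Authorization for getAdminGroup is split between the `@PreAuthorize` annotation, which only asks for READ on the community, and the ADMIN check inside the body, and nothing on the method says that the second check is the real gate. A comment above the in-body check would stop a later cleanup from removing it as redundant, for example `// READ (annotation) only admits the caller to the community; the admin group is shown to site admins and admins of this community only`. If the permission evaluator accepts an ADMIN permission for 'COMMUNITY' (not visible here), moving the requirement into the annotation would make the rule declarative. The method body continues outside the hunk.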


@@ -24,10 +24,13 @@ import org.dspace.app.rest.model.GroupRest;
import org.dspace.app.rest.model.MetadataRest;
import org.dspace.app.rest.model.MetadataValueRest;
import org.dspace.app.rest.test.AbstractControllerIntegrationTest;
import org.dspace.authorize.service.AuthorizeService;
import org.dspace.content.service.CommunityService;
import org.dspace.core.Constants;
import org.dspace.eperson.Group;
import org.dspace.eperson.service.GroupService;
import org.junit.Before;
import org.junit.Ignore;
import org.junit.Test;
import org.springframework.beans.factory.annotation.Autowired;
@@ -40,6 +43,9 @@ public class CommunityAdminGroupRestControllerIT extends AbstractControllerInteg
@Autowired
private GroupService groupService;
@Autowired
private AuthorizeService authorizeService;
@Before
public void setup() {
context.turnOffAuthorisationSystem();
@@ -57,6 +63,19 @@ public class CommunityAdminGroupRestControllerIT extends AbstractControllerInteg
jsonPath("$", GroupMatcher.matchGroupEntry(adminGroup.getID(), adminGroup.getName())));
}
@Test
public void getCommunityAdminGroupTestCommunityAdmin() throws Exception {
Group adminGroup = communityService.createAdministrators(context, parentCommunity);
authorizeService.addPolicy(context, parentCommunity, Constants.ADMIN, eperson);
String token = getAuthToken(eperson.getEmail(), password);
getClient(token).perform(get("/api/core/communities/" + parentCommunity.getID() + "/adminGroup"))
.andExpect(status().isOk())
.andExpect(
jsonPath("$", GroupMatcher.matchGroupEntry(adminGroup.getID(), adminGroup.getName())));
}
@Test
public void getCommunityAdminGroupUnAuthorizedTest() throws Exception {
communityService.createAdministrators(context, parentCommunity);
@@ -119,6 +138,37 @@ public class CommunityAdminGroupRestControllerIT extends AbstractControllerInteg
}
@Test
public void postCommunityAdminGroupCreateAdminGroupSuccessCommunityAdmin() throws Exception {
ObjectMapper mapper = new ObjectMapper();
GroupRest groupRest = new GroupRest();
MetadataRest metadataRest = new MetadataRest();
metadataRest.put("dc.description", new MetadataValueRest("testingDescription"));
metadataRest.put("dc.subject", new MetadataValueRest("testSubject"));
groupRest.setMetadata(metadataRest);
authorizeService.addPolicy(context, parentCommunity, Constants.ADMIN, eperson);
AtomicReference<UUID> idRef = new AtomicReference<>();
String token = getAuthToken(eperson.getEmail(), password);
getClient(token).perform(post("/api/core/communities/" + parentCommunity.getID() + "/adminGroup")
.content(mapper.writeValueAsBytes(groupRest))
.contentType(contentType))
.andExpect(status().isCreated())
.andDo(result -> idRef
.set(UUID.fromString(read(result.getResponse().getContentAsString(), "$.id")))
);
Group adminGroup = groupService.find(context, idRef.get());
getClient(token).perform(get("/api/eperson/groups/" + adminGroup.getID()))
.andExpect(status().isOk())
.andExpect(
jsonPath("$", GroupMatcher.matchGroupEntry(adminGroup.getID(), adminGroup.getName())));
}
@Test
public void postCommunityAdminGroupCreateAdminGroupUnAuthorized() throws Exception {
@@ -230,6 +280,22 @@ public class CommunityAdminGroupRestControllerIT extends AbstractControllerInteg
.andExpect(status().isNoContent());
}
// This is currently not supported in DSpace API
@Ignore
@Test
public void deleteCommunityAdminGroupTestCommunityAdmin() throws Exception {
Group adminGroup = communityService.createAdministrators(context, parentCommunity);
authorizeService.addPolicy(context, parentCommunity, Constants.ADMIN, eperson);
String token = getAuthToken(eperson.getEmail(), password);
getClient(token).perform(delete("/api/core/communities/" + parentCommunity.getID() + "/adminGroup"))
.andExpect(status().isNoContent());
getClient(token).perform(get("/api/core/communities/" + parentCommunity.getID() + "/adminGroup"))
.andExpect(status().isNoContent());
}
@Test
public void deleteCommunityAdminGroupUnAuthorizedTest() throws Exception {
Group adminGroup = communityService.createAdministrators(context, parentCommunity);
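Review bot: The added tests only cover the allowed path, where eperson holds ADMIN on parentCommunity, so none of them would fail if the old global `isCommunityAdmin(context)` check came back. The case this commit closes is a user who administers some other community and asks for parentCommunity's admin group; that needs a negative test for GET and for POST, expecting the same status the existing unauthorized tests assert. Because the check passes `true` for inheritance, a third case granting ADMIN on a parent of the target community would pin that behaviour as well. The `@Ignore` on deleteCommunityAdminGroupTestCommunityAdmin would be easier to track with the reason as its value, `@Ignore("community admin cannot delete the admin group yet")`, instead of a separate comment.

```java
@Test
public void getCommunityAdminGroupTestAdminOfOtherCommunity() throws Exception {
    communityService.createAdministrators(context, parentCommunity);
    // otherCommunity: a second, unrelated community created the same way setup() creates parentCommunity
    authorizeService.addPolicy(context, otherCommunity, Constants.ADMIN, eperson);
    String token = getAuthToken(eperson.getEmail(), password);
    getClient(token).perform(get("/api/core/communities/" + parentCommunity.getID() + "/adminGroup"))
                    .andExpect(status().isForbidden());
}
```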